VYPR
Unrated severityNVD Advisory· Published Apr 8, 2011· Updated Jun 16, 2026

CVE-2011-0536

CVE-2011-0536

Description

Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a referenced library. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • GNU/Glibc3 versions
    cpe:2.3:a:gnu:glibc:2.12-1.7.el6_0.3:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:gnu:glibc:2.12-1.7.el6_0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.5-49.el5_5.6:*:*:*:*:*:*:*
    • (no CPE)
  • cpe:2.3:o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

18

News mentions

0

No linked articles in our index yet.